-
- 225 Posts
I couldn't find a forum section for this particular plugin, so forgive me if there is one. Maybe I am missing the point of this plugin or how to use it, but here is my situation:
I am migrating a site from EVO to REVO using Provisoner. I know it's buggy with certain versions, so I am using EVO 1.0.5 and REVO 2.1.5. After the initial importing of content, etc, I can right-click and import each user (over a 100). I then have a great little snippet from BobRay that will automatically "unblock" all the users, which Provisioner blocks by default (I can post it if someone wants to see it).
My issue is that pbkdf2convert isn't converting the passwords. When a user goes to login, it isn't recognizing the old EVO password. Now I can go into the manager and change it myself or have them click "forgot password", but I don't want to have to do either.
I was under the impression that the plugin will auto convert the password upon the users first login to the REVO version of the site.
It will convert them, but they have to enter the password for it to work. Did you make sure the plugin was registered? I assume you are importing these users with hashing.modMD5 as the hash_class value? They would have to be in order for a) MODX to recognize the original password in MD5 format from Evo and b) the plugin to be able to know it needs to be converted from hashing.modMD5 to hashing.modPBKDF2.
-
- 225 Posts
I'm not following. This is what I did. After installing Provisioner and pbkdf2convert, I imported all the EVO content, etc. I then tired to import numerous users by right-clicking and selecting import. The users import fine, but I get an error when I try to login on each of them. I thought the password would auto convert at that point.
I am sure I am missing something, but I am lost. Now when I look into the modx_users table for the REVO version, I notice the hash_class is hashing.modPBKDF2. All I did was import the user, so I am not following on what I am doing wrong. I must have missed a step somewhere.
Now I also notice that the cachepwd field has a string, maybe that matters?
This sounds like an issue with the user import you are using. In order for it to work, it must import the users from Evo with their existing MD5 password value and a hash_class of hashing.modMD5. The MD5 hashes cannot be converted directly to PBKDF2; the user must successfully login against the MD5 hash, and if successful, the plain-text password they entered is rehashed as hashing.modPBKDF2 when that first login is completed. The user will notice no change.
-
- 225 Posts
Ok, that makes sense. Thanks, opengeek.
Is there a preferred method for importing users, a snippet, plugin, phpmyadmin, etc. I am using Provisioner, but apparently it's not working all too well.
MODX Staff